Thresh simplifies Snort by managing alert thresholding and suppression using an application that's easy to use.
Thresh offers several distinctive features to users. For example, it can summarize Snort Alerts by alert count, allowing you to keep track of all the important data at a glance. It also enables the creation and editing of threshold.conf files and prunes your Snort database based on your tunings, making everything streamlined and efficient. Moreover, you can use this software to preview your alert suppressions before deletion, without the fear of losing any significant data.
This release features a host of improvements and upgrades that enhance the user experience significantly. The DB queries were corrected, which makes it much more user-friendly. Database pruning based on suppression sets was added, contributing to more efficient database management. Thresh underwent a major code cleanup, resulting in smoother and swifter performance. All errors with signature name queries were corrected, along with all read/write calls to config files.
Furthermore, the number of 'floating' variables between POSTs on all pages was reduced, and descriptions were added to description boxes. Rule edit/delete options were added, and issues with alert counts were corrected to contribute to an optimal user experience. Also, the developers came up with a cool way to perform CIDR block DELETEs and SELECTs in MySQL, making it easier to manage data effectively.
In conclusion, Thresh is a fantastic application that makes Snort management a breeze. It comes packed with numerous features and is backed by consistent progress and improvements, making it an essential tool for network administrators everywhere.
Version 1.5.0b: N/A